DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Pass Your Check Point 156-215 Exam Prep: Check Point 156-215 Study Materials, Check Point Certified Security Administrator R80 | SPOTO

Committed to earning the prestigious Check Point Certified Security Administrator (CCSA) R80 certification? Our comprehensive 156-215 study materials are exactly what you need to prepare. Access hundreds of realistic online exam questions, sample questions, mock exams, and exam dumps covering Security Gateway, Management Software Blades, and the GAiA operating system. These authentic practice tests allow you to experience the actual certification exam format and identify knowledge gaps through exam questions and answers. Regular exam practice with our free online test resources is proven to boost skills and confidence for passing the challenging CCSA R80 exam. Start today with our latest study guides and practice materials - utilizing premium prep could make the difference in your success!
Take other online exams
Question #1
If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators?
A. Publish or discard the session
B. Revert the session
C. Save and install the Policy
D. Delete older versions of database
View answer
Correct Answer: A
Question #2
The IT Management team is interested in the new features of the Check Point R80.x Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80.x because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?
A. R80
B. R80
C. R80
D. R80
View answer
Correct Answer: A
Question #3
When you upload a package or license to the appropriate repository in SmartUpdate, where is the package or license stored
A. Security Gateway
B. Check Point user center
C. Security Management Server
D. SmartConsole installed device
View answer
Correct Answer: C
Question #4
You have enabled “Extended Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?
A. Logging has disk space issues
B. Content Awareness is not enabled
C. Identity Awareness is not enabled
D. Log Trimming is enabled
View answer
Correct Answer: A
Question #5
Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?
A. The firewall topologies
B. NAT Rules
C. The Rule Base
D. The VPN Domains
View answer
Correct Answer: A
Question #6
The security Gateway is installed on GAiA R80. The default port for the WEB User Interface is _______ .
A. TCP 18211
B. TCP 257
C. TCP 4433
D. TCP 443
View answer
Correct Answer: D
Question #7
Why would an administrator see the message below?
A. A new Policy Package created on both the Management and Gateway will be deleted and must be backed up first before proceeding
B. A new Policy Package created on the Management is going to be installed to the existing Gateway
C. A new Policy Package created on the Gateway is going to be installed on the existing Management
D. A new Policy Package created on the Gateway and transferred to the Management will be overwritten by the Policy Package currently on the Gateway but can be restored from a periodic backup on the Gateway
View answer
Correct Answer: B
Question #8
Fill in the blank: Authentication rules are defined for ____________.
A. User groups
B. Users using UserCheck
C. Individual users
D. All users in the database
View answer
Correct Answer: B
Question #9
To enforce the Security Policy correctly, a Security Gateway requires:
A. a routing table
B. that each Security Gateway enforces at least one rule
C. a Demilitarized Zone
D. a Security Policy install
View answer
Correct Answer: B
Question #10
Which command is used to add users to or from existing roles?
A. Add rba user roles
B. Add rba user
C. Add user roles
D. Add user
View answer
Correct Answer: A
Question #11
Which of the following is NOT a tracking option? (Select three)
A. Partial log
B. Log
C. Network log
D. Full log
View answer
Correct Answer: A
Question #12
Which one of the following is true about Threat Extraction?
A. Always delivers a file to user
B. Works on all MS Office, Executables, and PDF files
C. Can take up to 3 minutes to complete
D. Delivers file only if no threats found
View answer
Correct Answer: B
Question #13
You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After a while, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?
A. Run fwm dbexport -1 filename
B. Run fwm_dbexport to export the user database
C. Restore the entire database, except the user database, and then create the new user and user group
D. Restore the entire database, except the user database
View answer
Correct Answer: D
Question #14
On the following graphic, you will find layers of policies. What is a precedence of traffic inspection for the defined polices?
A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if Implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
C. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer
D. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then if it is accepted then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer
View answer
Correct Answer: B
Question #15
You are the senior Firewall administrator for ABC Corp., and have recently returned from a training course on Check Point's new advanced R80 management platform. You are presenting an in-house overview of the new features of Check Point R80 Management to the other administrators in ABC Corp. How will you describe the new “Publish” button in R80 Management Console?
A. The Publish button takes any changes an administrator has made in their management session, publishes a copy to the Check Point of R80, and then saves it to the R80 database
B. The Publish button takes any changes an administrator has made in their management session and publishes a copy to the Check Point Cloud of R80 and but does not save it to the R80
C. The Publish button makes any changes an administrator has made in their management session visible to all other administrator sessions and saves it to the Database
D. The Publish button makes any changes an administrator has made in their management session visible to the new Unified Policy session and saves it to the Database
View answer
Correct Answer: C
Question #16
The R80 feature ________ permits blocking specific IP addresses for a specified time period.
A. Block Port Overflow
B. Local Interface Spoofing
C. Suspicious Activity Monitoring
D. Adaptive Threat Prevention
View answer
Correct Answer: C
Question #17
Which GUI tool can be used to view and apply Check Point licenses?
A. cpconfig
B. Management Command Line
C. SmartConsole
D. SmartUpdate
View answer
Correct Answer: C
Question #18
Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server Operating System. He can do this via WebUI or via CLI. Which command should he use in CLI?
A. remove database lock
B. The database feature has one command: lock database override
C. override database lock
D. The database feature has two commands: lock database override and unlock database
View answer
Correct Answer: D
Question #19
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules
B. Create a separate Security Policy package for each remote Security Gateway
C. Create network objects that restrict all applicable rules to only certain networks
D. Run separate SmartConsole instances to login and configure each Security Gateway directly
View answer
Correct Answer: B
Question #20
What is the mechanism behind Threat Extraction?
A. This is a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender
B. This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient
C. This is a new mechanism to identify the IP address of the sender of malicious codes and to put it into the SAM database (Suspicious Activity Monitoring)
D. Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast
View answer
Correct Answer: D
Question #21
In a Network policy with Inline layers, the default action for the Implied last rule is ________ all traffic. However, in the Application Control policy layer, the default action is ________ all traffic.
A. Accept; redirect
B. Accept; drop
C. Redirect; drop
D. Drop; accept
View answer
Correct Answer: D
Question #22
What port is used for communication to the User Center with SmartUpdate?
A. CPMI 200
B. TCP 8080
C. HTTP 80
D. HTTPS 443
View answer
Correct Answer: D
Question #23
What action can be performed from SmartUpdate R77?
A. upgrade_export
B. fw stat -1
C. cpinfo
D. remote_uninstall_verifier
View answer
Correct Answer: C
Question #24
While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?
A. Security Gateways is not part of the Domain
B. SmartConsole machine is not part of the domain
C. Security Management Server is not part of the domain
D. Identity Awareness is not enabled on Global properties
View answer
Correct Answer: B
Question #25
Which of the following is NOT a SecureXL traffic flow?
A. Medium Path
B. Accelerated Path
C. High Priority Path
D. Slow Path
View answer
Correct Answer: C
Question #26
Which of the following statements is TRUE about R80 management plug-ins?
A. The plug-in is a package installed on the Security Gateway
B. Installing a management plug-in requires a Snapshot, just like any upgrade process
C. A management plug-in interacts with a Security Management Server to provide new features and support for new products
D. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in
View answer
Correct Answer: C
Question #27
Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.
A. AES-128
B. AES-256
C. DES
D. 3DES
View answer
Correct Answer: A
Question #28
Which of the following is NOT a set of Regulatory Requirements related to Information Security?
A. ISO 37001
B. Sarbanes Oxley (SOX)
C. HIPAA
D. PCI
View answer
Correct Answer: A
Question #29
You work as a security administrator for a large company. CSO of your company has attended a security conference where he has learnt how hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. He wants to make sure that his company has the right protections in place. Check Point has been selected for the security vendor. Which Check Point products protects BEST against malware and zero-day attacks while ensuring quick delivery of safe content to your users
A. IPS and Application Control
B. IPS, anti-virus and anti-bot
C. IPS, anti-virus and e-mail securityD
View answer
Correct Answer: D

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.